Hello, i am new to rancher and vsphere. I am trying to setup the cluster on vsphere. I can see that nginx ingress controller was created on cluster with with cluster-ip and ingress class name is nginx.
How to use this nginx ingress class to create the ingress rules for the cluster As per my requirement i want to create ingress controller as load balancer to expose the cluster-ip applications services.
Any suggestions on how to deal this situation on vsphere environment ?
02/15/2023, 8:02 PM
Howdy, since you are on vSphere and deploying K8s clusters there - I would recommend having an external (to your K8s clusters) load balancer like Nginx Plus or HA Proxy. You will also need to rely on whatever DNS provider you are using for your vSphere environment for the service URLs (ours is Infoblox at my institution).
In my environment, we have the service URL in Infoblox as a Shared CNAME of our Nginx Plus VM. Then we use Nginx Plus to point our listeners to the appropriate K8s cluster’s worker nodes via FQDN, as upstreams. From there, we rely on the cluster’s Nginx Load Balancing config to route to the proper workloads/services running in our K8s clusters.
02/16/2023, 7:17 AM
@modern-television-79263 Thanks for your response and time.
As per your answer, traffic follow this path
External loadbalancer(Ex: HA proxy out side the k8s cliuster on another virtual machine) ==> k8s nodes in node pool in rancher ==> Now traffic is at inside the k8s cluster, from here we can use nginx class to direct the different cluster ip services as per ingress rules .
Please correct me if my understanding is wrong.
is there any way we can add k8s nodes in node pool in rancher to HAproxy dynamically?
@modern-television-79263 Please let me know your response that will help me a lot. Thanks
02/16/2023, 4:16 PM
Howdy @brash-jewelry-40212 that sounds correct. I’ve not found a way to auto-gen the additional K8s nodes into HA Proxy or Nginx config - without using something like a Git/terraform/Jenkins pipeline that also controls the state of the cluster.
02/16/2023, 5:08 PM
@modern-television-79263 I did setup metalLB instead of HAproxy. It worked for me to get the external private ip.